Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-1621

Exploit
  • EPSS 0.21%
  • Veröffentlicht 10.05.2022 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:41:06

Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

7.8

CVE-2022-1629

Exploit
  • EPSS 0.62%
  • Veröffentlicht 10.05.2022 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:41:07

Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution

7.5

CVE-2022-1620

Exploit
  • EPSS 0.14%
  • Veröffentlicht 08.05.2022 11:15:07
  • Zuletzt bearbeitet 21.11.2024 06:41:06

NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (applicati...

7.8

CVE-2022-1619

Exploit
  • EPSS 0.92%
  • Veröffentlicht 08.05.2022 10:15:07
  • Zuletzt bearbeitet 21.11.2024 06:41:06

Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution

7.8

CVE-2022-1616

Exploit
  • EPSS 0.1%
  • Veröffentlicht 07.05.2022 19:15:07
  • Zuletzt bearbeitet 03.11.2025 21:15:50

Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

9.1

CVE-2022-1053

  • EPSS 0.47%
  • Veröffentlicht 06.05.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:39:56

Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows an attacker to use one AK, EK pair from a real TPM...

7.5

CVE-2022-24884

  • EPSS 0.12%
  • Veröffentlicht 06.05.2022 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:51:19

ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered vali...

8.1

CVE-2022-24903

  • EPSS 1.07%
  • Veröffentlicht 06.05.2022 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:51:21

Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vuln...

6.5

CVE-2022-27337

Exploit
  • EPSS 0.28%
  • Veröffentlicht 05.05.2022 19:15:07
  • Zuletzt bearbeitet 21.11.2024 06:55:36

A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.

9

CVE-2022-29500

  • EPSS 1.35%
  • Veröffentlicht 05.05.2022 17:15:15
  • Zuletzt bearbeitet 21.11.2024 06:59:12

SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.